<?php

class UserProfileController extends Controller
{
	public $layout='//layouts/column2';
	public $defaultAction='view';
	/**
	 * @return array action filters
	 */
	public function filters()
	{
		return array(
			'accessControl', // perform access control for CRUD operations
		);
	}
	/**
	 * Specifies the access control rules.
	 * This method is used by the 'accessControl' filter.
	 * @return array access control rules
	 */
	public function accessRules()
	{
		return array(
			 array('allow', // allow authenticated user to perform 'create' and 'update' actions
                'actions'=>array('view','update'),
                'users'=>array('@'),
            ),
			array('deny',  // deny all users
				'users'=>array('*'),
			),
		);
	}
	/**
	 * Displays a particular model.
	 * @param integer $id the ID of the model to be displayed
	 */
	public function actionView($id)
	{
		// check myself
		if(Yii::app()->user->id !== $id)
		{
            throw new CHttpException(403,'Bạn không có quyền hạn truy cập trang này.');
		}
		$user = $this->loadModel($id);
		$user->password = $this->hidePassword($user->password);
		$this->render('view',array(
			'model'=>$user,
		));
	}

	/**
	 * Updates a particular model.
	 * If update is successful, the browser will be redirected to the 'view' page.
	 * @param integer $id the ID of the model to be updated
	 */
	public function actionUpdate($id)
	{
		// check myself
		if(Yii::app()->user->id !== $id)
		{
            throw new CHttpException(403,'Bạn không có quyền hạn truy cập trang này.');
		}
		
		$model=$this->loadModel($id);
		if(!isset($_POST['User']))
		{
			$model->password='';
		}
		// Uncomment the following line if AJAX validation is needed
		// $this->performAjaxValidation($model);
		if(isset($_POST['User']))
		{
			$model->attributes=$_POST['User'];
			if ($model->validate()){    
				$model->encryptPassword();
				if($model->save(false)){
					// update user's fullname in session
					Yii::app()->user->setState('fullname',$model->full_name);
					$this->redirect(array('view','id'=>$model->id));
				}
			}
		}

		$this->render('update',array(
			'model'=>$model,
		));
	}

	/**
	 * Returns the data model based on the primary key given in the GET variable.
	 * If the data model is not found, an HTTP exception will be raised.
	 * @param integer the ID of the model to be loaded
	 */
	public function loadModel($id)
	{
		$model=User::model()->findByPk($id);
		if($model===null)
			throw new CHttpException(404,'The requested page does not exist.');
		$userType=UserType::model()->findByPk($model->user_type_id);
		$model->user_type_name = $userType->name;
		return $model;
	}

	/**
	 * Performs the AJAX validation.
	 * @param CModel the model to be validated
	 */
	protected function performAjaxValidation($model)
	{
		if(isset($_POST['ajax']) && $_POST['ajax']==='user-form')
		{
			echo CActiveForm::validate($model);
			Yii::app()->end();
		}
	}
	private function hidePassword($password){
		$new_password = "";
		for($i = 0; $i < strlen($password); $i++)
		{
			$new_password = $new_password."*";	
		}
		return $new_password;
	}
}
